CCIE Service Provider Techtorial

CCIE Service Provider Techtorial
LIZABETE CACIC – TECHNICAL LEADER
OVIDIU CONSTANTIN – SENIOR SYSTEM ENGINEER

“If you know the enemy
and know yourself,
you need no fear the result
of a hundred battles.”
Sun Tzu
The Art of War

House Keeping Notes
• Thank you for attending Cisco Connect Toronto 2015, here are a few
housekeeping notes to ensure we all enjoy the session today.
•  Please ensure your cellphones / Laptops are set on silent to ensure
no one is disturbed during the session
•  A power bar is available under each desk in case you need to charge
your laptop

Agenda
•  Certification Program Overview
•  CCIE SP – New Blueprint – What Changed?
–  Written Exam
–  Lab Exam
•  Demo/Case Study
–  Written
–  Lab
•  Preparation Materials, Tips, and Tricks
•  What is next?

§  Not all topics discussed today
appear on every exam
§  Due to time restraints, we are
unable to discuss every feature
and topic described in the exam
blueprint
Disclaimer

Certification Program Overview

Certification Tracks
https://learningnetwork.cisco.com

Expert Level Tracks
Emphasizes network
design principles and
theory at the
infrastructure level
VPN solutions and
security for Layer 2 and
Layer 3 network
infrastructure,
application protocols
and OS
Collaboration, Unified
Communications, or
Voice and Video
Network for design,
implementation and
troubleshooting
Datacenters
infrastructure, storage,
compute and
virtualization
Networking across LAN
and WAN interfaces and
variety or routers and
switches
IP fundamentals and
technologies in building
an extensible service
provider network
troubleshooting SP
networks, managing SP
processes and
knowledge of NMS
technology
Wireless networking
with solid understanding
of WLAN technologies
from Cisco
RETIRED

§  Select Cisco Locations
§  8 hours lab
§  Cisco Documentation
§  Score within 48 hours
CCIE / CCDE Certification Process
Practical ExamWritten Exam
CCIE /
CCDE
First attempt
within 18
months§  Pearson Location
§  2 hours
§  90-110 questions
§  No documentation
§  Immediately scored

Proactive and Holistic Candidate Feedback
•  Cisco Business Units
•  Cisco Technology groups
•  Cisco Technical Support teams
(TAC, AS, etc)
•  Cisco-internal and Cisco-
external Subject Matter Experts
•  Customer Advisory Boards
•  Customer Focus Groups
•  Customer and Cisco field
surveys
•  Cisco Product Manager,
Marketing Manager, and
Program Manager
Create
or Refresh
Exam
Content
INPUT FEEDBACK
•  Candidate Exam and item
comments
•  Candidate Satisfaction
Surveys
•  Customer Service Cases
•  EAG (Exam Advisory
Groups)
•  Cisco Learning Network
•  Blogs

§  Validity
§  Reliability
§  Fairness
§  Congruency
§  Relevancy
§  Intended use of the test scores
§  Definition of Minimal Qualified Candidate
Performance Assessment

§  Recognizes experts with highest level of technical knowledge
§  Hands-on experience in a Service Provider segment
§  Describe and Design
§  Configure and Optimize
§  Diagnosis and Troubleshoot
§  Extensible Service Provider infrastructure delivering rich services
§  There is an demand for Service Provider experts in the
industry
§  CCIE SP certification was introduced in 2002
§  Currently is in the version 3 of the program
§  Version 4 will be launched in May 2015
CCIE Service Provider Program

CCIE SP – New Blueprint
What changed?

§  Certification process unchanged
§  Exam curriculum and format changed
§  Designed and validated with industry experts around the world
§  Cisco Customer, Cisco Partners, and Cisco Employee Engineers
§  Update and Aligned with Service Provider evolution
§  Focus on job role and relevant technologies in the SP market
§  Assessment of platform-independent concepts
§  Improved Certification’s validity, reliability, integrity and security
https://learningnetwork.cisco.com/community/certifications/ccie_service_provider
CCIE SPv4 – Curriculum Overview

§  Emphasis on new technologies
§  More emphasis on dual stack IPv4/IPv6 technologies
§  More emphasis on troubleshooting methodologies
§  Domain based on Service Provider teams and widely SP deployed technologies
§  Core Routing Domain
§  SP Based Services Domain
§  Access and Aggregation Domain
§  High Availability and Fast Convergence
§  SP Security, SP Operation, and Management Domain
§  Exclude transport and access technology
§  which have unique essential certification such as Optical and Wireless
Topics

CCIE SPv3 – Written Exam Topics (350-029)
Domains Weight
1. Describe, Implement, Optimize, and Troubleshoot Core IP Technologies 46%
2. Describe, Implement, Optimize, and Troubleshoot Access & Edge Connection
Technologies
10%
3. Describe, Implement, Optimize, and Troubleshoot Remote Access Technologies 3%
4. Describe, Implement, Optimize, and Troubleshoot L3VPN Technologies 24%
5. Describe, Implement, Optimize, and Troubleshoot L2VPN Technologies 10%
6. Describe, Implement, Optimize, and Troubleshoot Management Service Traversing the
Core
3%
7. Describe Service Provider Network Implement Principles 4%
https://learningnetwork.cisco.com/docs/DOC-10123

CCIE SPv4 – Written Exam Topics (400-201)
Domains Weight
1. Service Provider Architecture and Evolution 10%
2. Core Routing 23%
3. Service Provider Based Services 23%
4. Access and Aggregation 17%
5. High Availability and Fast Convergence 10%
6. Service Provider Security, Service Provider Operation, and Management 17%

§  Six domains in Written Exam
§  Five domains in Lab Exam
§  New weighting factors
§  Three levels of details, help scoping the expected knowledge
§  Domain
§  Sub-domain
§  Task
CCIE SPv4 – Curriculum Overview

CCIE SPv4 Lab Blueprint Weight
1.  Core Routing 27%
2.  Service Provider Based Services 26%
3.  Access and Aggregation 17%
4.  HA and Fast Convergence 13%
5.  SP Security, SP Operation, and 17%
Management
CCIE SPv4 – Curriculum Alignment
CCIE SPv4 Score Report Sections
1.0 Core Routing
50%
2.0 Service Provider Based Services 100%
3.0 Access and Aggregation
100%
4.0 HA and Fast Convergence
0%
5.0 SP Security, SP Operation, and 100%
Management
Candidate: Liz Cacic
Exam date: 22/May/2015

CCIE SPv4 Lab Blueprint Weight
1.  Core Routing 27%
2.  Service Provider Based Services 26%
3.  Access and Aggregation 17%
4.  HA and Fast Convergence 13%
5.  SP Security, SP Operation, and 17%
Management
CCIE SPv4 – Curriculum Alignment
CCIE SPv4 Score Report Sections
1.0 Core Routing
100%
2.0 Service Provider Based Services 100%
3.0 Access and Aggregation
100%
4.0 HA and Fast Convergence
100%
5.0 SP Security, SP Operation, and 100%
Management
Candidate: Liz Cacic
Exam date: 22/May/2015

CCIE SPv4 – Curriculum Details

§  New Topics
§  Written Only: SP Architecture and Evolution Domain
§  Written & Lab: SP Security, SP Operation, and Management Domain
§  Topics retired/removed
§  Frame Relay and ATM technologies
§  Managed Service Traversing the Core and Network Implementing Principles
Domain
CCIE SPv4 – Key Topic Changes
https://learningcontent.cisco.com/cln_storage/text/cln/marketing/CCIE_SP_Exam_Updates_v3_v4.pdf

§  SP Architecture Concepts
§  Network Architecture components
§  PE, P, and CE
§  Metro Ethernet Core, and Aggregation
§  Platform Architecture components
§  RP, Line Cards, and Fabric Crossbar
§  Virtualization Concepts
§  Router Virtualization
§  Network Function Virtualization
§  Mobility Concepts
§  Mobility Infrastructure
§  RAN
§  Backhaul
§  Core
CCIE SPv4 – SP Architecture and Evolution

§  Core Routing Domain
§  Advanced BGP features such as Add-path and BGP LS
§  Advanced MPLS features such as Segment Routing, G-MPLS, and MPLS-TP
§  mLDP (including mLDP Profiles from 0 to 9)
§  Multicast P2MP TE
§  High Availability and Fast Convergence
§  IP FRR
CCIE SPv4 – Core Routing & HAand Fast Convergence

§  Based Services Domain
§  E-LINE, E-LAN, EVPN, Q-in-Q, Mac-in-Mac, and ITU G.8032
§  Unified MPLS
§  IPv6 Transition Mechanism
§  Access and Aggregation
§  GPON
§  Link Aggregation Techniques
§  Loop Prevention Techniques in Multihomed Environments
§  Broadband Forum TR-101 (Trunk N:1 and Trunk 1:1)
CCIE SPv4 – Based Services &Access andAggregation

§  Timing and synchronization
§  For example 1588v2 and SyncE
§  Network monitoring and troubleshooting
§  EEM and EPC
§  IPFIX
§  IP SLA
§  Ethernet OAM
§  Change management
§  rollback
CCIE SPv4 – SP Security, Operation and Management

§  From the Written and Lab Exams
§  Frame-Relay and ATM connections
§  Describe, Implement, Optimize, and Troubleshooting Managed Service Traversing the Core
§  Describe Service Provider Network Implementing Principles
§  From the Lab Exam
§  Packet over SONET and IP over DWDM
§  SONET/SDH connection
§  T1/T3 and E1/E3 connections
§  IP over DSL
§  IP over wireline
§  IP over cable
CCIE SPv4 – Topics Removed from v3 Exams

§  350-029: CCIE SPv3
§  Until May 21, 2015
§  400-201: CCIE SPv4
§  From May 22, 2015
§  World Wide Location (Pearson VUE)
§  2 hours, 90 – 110 items
§  Multiple Choice / Single Choice / Drag and Drop
§  No “skip-questions”
§  English only
§  Closed book
§  Score directly available
Step 1: CCIE SP Written Exam

§  If MC-SA: Select only one option
§  If MC-MA: Select as many options as directed indicated, ex. “Choose
two”
§  If DnD: Select as many options as there are targets
§  If there is an exhibit, use the information provided by ‘click’ in “exhibit”
§  No “skip” question functionality
Written Exam Guidelines

§  Cisco Location
§  Cisco Online documentation
§  Search function is disabled
§  8 hours
§  Score available within 48 hours
§  CCIE SPv3, 4 Domains
§  Troubleshooting and Configuration module
§  CCIE SPv4, 5 Domains
§  Troubleshooting
§  Diagnostic
§  Configuration
Step 2: CCIE SP Lab Exam

Location
https://learningnetwork.cisco.com/community/certifications/ccie_service_provider/lab_exam?
tab=take-your-lab-exam

Mobile Locations

§  Exam Description
§  Candidate builds a service provider network to a series of supplied
specifications
§  The point values for each question are shown on the exam
§  Some questions depend upon completion of previous parts of the network
§  NOTE
§  It is not a design test
§  Nor a test of “Best Practice” for used in the field
CCIE SP Lab Exam

Lab Exam Topics Version 3.0
Domains Weight
1. Implement, Optimize, and Troubleshoot Core IP Technologies 50%
2. Implement, Optimize, and Troubleshoot Access and Edge Connection Technologies 3%
3. Implement, Optimize, and Troubleshoot L3VPN Technologies 35%
4. Implement, Optimize, and Troubleshoot L2VPN Technologies 12%

Lab Exam Topics Version 4.0
Domains Weight
1. Core Routing 27%
2. Service Provider Based Services 26%
3. Access and Aggregation 17%
4. High Availability and Fast Convergence 13%
5. Service Provider Security, Service Provider Operation, and Management 17%

§  CCIE SPv3
§  Cisco XR 12000 series router running IOS-XR 3.9.1
§  Cisco 7200/7600 series router running IOS 12.2(33)SRE
§  Cisco ME3400E series switch running IOS 12.2(54)SE
§  CCIE SPv4
§  P, PE, and RR role: based on ASR9000 series running IOS-XR 5.2
§  PE, RR, and CE role: based on ASR1000 series running IOS-XE 3.13 (15.4S)
§  PE and CE role: based on Cisco7600 series running IOS 15.4S
§  Access and Aggregation: ME3600 series running IOS 15.4S
Equipment and Software Versions

§  100% virtual
§  New DIAG module
§  Flexible time in the Troubleshoot module
§  Overall cut-score AND per-module minimum score
New Lab Exam Format
Web-based delivery
(2h) (5h)
Optional
+ 30 min
Optional
- 30 min(60 min)

•  120 min
•  Optional +30min
•  Independent incidents
•  Console access to the devices
•  Topology speci!c for TS
scenarios
•  60 min
•  No Optional time
•  Independent tickets
•  No Console access to the devices
•  Multiple source of information (like
diagrams, emails, and logs)
•  300 min (5h)
•  Optional -30min (if used in TS)
•  Dependent items
•  Console access to the devices
•  Topology speci!c for
con!guration scenario
New CCIE Lab Format

§  120 min
§  Optional up to 30 min extra
§  Extract from Configuration Module
§  Independent incidents
§  Console access to the devices
§  Topology specific for Troubleshooting
scenarios
Troubleshooting Module
Skills Tested
•  Quickly resolve network issues
•  Use of IOS/XR troubleshooting
tools
•  Troubleshooting methodologies
application
•  Technology areas listed in the
blueprint
•  Fix and verify the solution for the
network issues

§  60 min
§  No Optional time
§  Independent tickets
§  No Console access to the devices
§  Multiple source of information (like
diagrams, emails, and logs)
Diagnostic Module
Skills Tested
•  Perceive network issues
•  Analyze network issues
symptoms, identify and describe
the root cause
•  Correlate information from
multiple sources
•  Identify appropriate solutions
•  Troubleshooting methodologies
•  Technology listed in the blueprint

Skills Tested
•  Abstract functional element of the
entire network environment
•  Understand how the infrastructure
components interoperate
•  Implement technology areas listed
in the blueprint
•  Design appropriate solutions to
the Service Provider backbone
being aware of the design
constraints
•  Verify functionality
§  300 min (5 hours)
§  Optional time -30 min (if used in TS)
§  Dependent items
§  Console access to the devices
§  Topology specific for configuration
scenarios
Configuration Module

§  Web GUI for all the lab content
§  Guidelines
§  Diagrams
§  Questions
§  Access to the devices
§  Documentation
§  Backend servers manage the user
sessions and holding the virtual
device instances for each user
§  No printed exam workbook
Lab Delivery System

§  Proctors grade all lab exams
§  Automatic tools aid proctors with simple grading tasks
§  Never solely responsible for the final exam grading
§  Proctors are
§  No Partial credit awarded on questions
§  Points are awarded for working solutions only
§  Some questions have multiple solutions
Lab Exam Grading

http://www.cisco.com/web/learning/wwtraining/certprog/training/cert_exam_tutorial.html
Cisco Certification Exam Tutorial

Which statement is true about the Penultimate Hop Popping (PHP)?
Reduce performance on the node
Increase complexity of the hardware implementation significantly
Used only for directly connected subnets or aggregate routes
Used only for BGP prefixes
Multiple-choice Single-Answer

Select the fields specific within the IPv6 header? (Choose five)
Source and Destination Address
Flow Label
Payload Length
Total Length
Time to Live
Traffic Class
Header Checksum
Protocol
Hop Limit
Next Header
Type of Service
Multiple-choice Multiple-Answer

Select the fields specific within the IPv6 header? (Choose five)
Source and Destination Address
Flow Label
Payload Length
Total Length
Time to Live
Traffic Class
Header Checksum
Protocol
Hop Limit
Next Header
Type of Service
Multiple-choice Multiple-Answer
✓
✓
✓
✓
✓

Drag the items listed on the left to its proper category on the right. Not all
items will fit the categories.
Drag and Drop
Layer 2 VPN Layer 3 VPNProvide connectivity of
non-IP protocols
HDLC
RD L2TPv3
AToM
802.1Q
Route TargetVRF
Hierarchical VPLS
Support IP only

Drag the items listed on the left to its proper category on the right. Not all
items will fit the categories.
Drag and Drop
Layer 2 VPN Layer 3 VPN
Provide connectivity of
non-IP protocolsHDLC
RDL2TPv3
AToM
802.1Q
Route Target
VRFHierarchical VPLS
Support IP only

Refer to the exhibit. Eurobank has a high bandwidth source located at
headquarters servicing the Eurobank multicast group 239.255.0.20. This group
has an interested receiver in Eurobank San Francisco. What is the destination
address of the outer packet in the p router in SP1 for this multicast data traffic?
239.255.0.20
200.1.1.1
239.192.10.2
239.129.20.32
196.8.25.1
192.8.25.12
Question with Exhibit

Question with Exhibit
Receiver
Source
CE1CE2
PE2
PE1
P1
EuroBank headquartersEuroBank
San Francisco
(196.7.25.12, 239.255.0.20)
200.3.1.1
200.1.1.1
192.8.25.1 192.7.25.1
192.8.25.12
SP1
Close the Exhibit

§  CE1 eBGP dual home with PE-R2 and PE-R3
§  CE8 eBGP dual home with PE-R6 (XR) and PE-R7 (XR)
§  All VRF CustA sites are configured with the same RD and RT
§  AS1 running OSPF/LDP and MP-BGP
§  RR4 and RR5 are not in the same cluster
§  (R5 as shadow RR router)
Topology – BGP PIC
Question:
Configure AS1 related routers to make
sure fast convergence can be achieved
for both IGP and BGP failure by
leveraging diverse paths. (BGP
additional-path feature is not supported
on RR)

§  Speed up convergence of the FIB under failover conditions
§  è non-BGP failover scenarios
§  è BGP failover scenarios
§  BGP Diverse Path based on
BGP PIC – Prefix Independent Convergence

router bgp 1
!
address-family vpnv4 unicast
advertise best-external
additional-paths receive
additional-paths send
additional-paths selection route-policy add_path_policy
!
route-policy add_path_policy
set path-selection backup 1 advertise install
end-policy
router bgp 1
!
address-family vpnv4
bgp advertise best-external
bgp additional-paths select backup
bgp additional-paths install
IOS: R2, R3, and R4#
Configuration
IOS-XR: R6 and R7#

Configuration
router bgp 1
!
address-family vpnv4
bgp additional-paths select backup
bgp additional-paths install
neighbor 2.2.2.2 advertise diverse-path backup
! Advertise BGP Diverse Path using a Diverse-Path Route Reflector
IOS: (RR) R5#

Verification
R2#sh bgp vpnv4 unicast all
BGP table version is 93, local router ID is 2.2.2.2
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf CustA)
Import Map: LEAK, Address-Family: IPv4 Unicast, Pfx Count/Limit: 0/1000
Export Map: LEAKCE, Address-Family: IPv4 Unicast, Pfx Count/Limit:
1/1000
*bi 1.1.1.1/32 3.3.3.3 0 100 0 18 i
*> 192.168.12.1 0 0 18 i
*>i 8.8.8.8/32 6.6.6.6 0 150 0 18 i
*bi 7.7.7.7 0 100 0 18 i
PE-R2#

Verification
R4#sh bgp vpnv4 unicast all
* i 1.1.1.1/32 2.2.2.2 0 100 0 18 i
*bi 3.3.3.3 0 100 0 18 i
*>i 2.2.2.2 0 100 0 18 i
* i 8.8.8.8/32 6.6.6.6 0 150 0 18 i
*>i 6.6.6.6 0 150 0 18 i
*bi 7.7.7.7 0 100 0 18 i
RR-R4#

Verification
RP/0/0/CPU0:R6#sh bgp vpnv4 unicast
BGP router identifier 6.6.6.6, local AS number 1
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 120
BGP scan interval 60 secs
*>i1.1.1.1/32 2.2.2.2 0 100 0 18 i
* i 3.3.3.3 0 100 0 18 i
* i8.8.8.8/32 7.7.7.7 0 100 0 18 i
*> 192.168.68.8 0 0 18 i
PE-R6#

Verification
RP/0/0/CPU0:R6#sh bgp vpnv4 unicast vrf CustA 1.1.1.1/32
...
Paths: (2 available, best #1)
Not advertised to any peer
Path #1: Received by speaker 0
18
2.2.2.2 (metric 12) from 4.4.4.4 (2.2.2.2)
Received Label 28
Origin IGP, metric 0, localpref 100, valid, internal, best, group-best, import-
candidate, imported
Path #2: Received by speaker 0
18
3.3.3.3 (metric 12) from 5.5.5.5 (3.3.3.3)
Received Label 20
Origin IGP, metric 0, localpref 100, valid, internal, backup, add-path, import-
candidate, imported
PE-R6#

§  Customer XYZ opened a case regards to IPv6 Internet reachability. IPv4
Internet reachability is perfect. Based on resources provided, you need
to diagnose the issue and answer the questions.
Email thread
Network Topology
Logs
Device Configuration
Diagnostic Module

§  Email Thread
Diagnostic Module – Email Thread
From: John <jsmith@customer.com>!
To: Support <support@isp.com> !
Subject: CASE #123456 IPv6 Internet access not working!
!
Hi,!
We configured the R20 for IPv6 connectivity as recommended by your ISP
design team. IPv4 internet connectivity has not being affected, in other
words our CE router can ping the remote PE and have access to the
internet webpages. However, we are not able to access internet webpages
based on IPv6 addresses. Please resolve this issue as soon as possible.!
!
Kind regards,!
John!

!
Hi,!
!
Kind regards,!
John!
From: Support <support@isp.com>!
To: John <jsmith@customer.com>!
Subject: Re: CASE #123456 IPv6 Internet access not working!
!
Hi John,!
Thank you for contacting us. Could you please provide the
configuration applied on CE device as well as the logs collected?!
!
Kind regards,!
Andy!

!
Hi,!
!
Kind regards,!
John!
From: Support <support@isp.com>!
To: John <jsmith@customer.com>!
!
Hi John,!
Thank you for contacting us. Could you please provide the
configuration applied on CE device as well as the logs collected?!
!
Kind regards,!
Andy!
!
Hi Andy,!
Please find attached the information requested. We need to
have this problem sorted out ASAP, it is delaying our new
services roll out. !
!
Kind regards,!
John!

Diagnostic Module – Network Topology
P2PE1
RR4
AS 10
R20
IPv4 onlyIPv4 and IPv6 IPv4 and IPv6
10.10.0.0/16
2001.DB8.CAFE:10::/64
::20
::11
131::1
.21.1
.21.2 .23.2
.23.3
.24.2
.24.4
37::3
Area 0Area 10
20.1
AS 200
ASBR7
37::7
20.20.0.0/16
2001:DB8:20::/48
30.30.0.0/20
2001:DB8:30::/48
ASBR3
2001.DB8.CC1E::/48

§  Logs
Diagnostic Module – Logs
RR4# sh bgp ipv6 uni sum
Load for five secs: 1%/0%; one minute: 1%; five minutes: 0%
Time source is hardware calendar, *20:51:56.781 EST Fri Jan 23 2015
BGP router identifier 10.10.0.4, local AS number 10
BGP table version is 105, main routing table version 105
24 network entries using 3936 bytes of memory
24 path entries using 2400 bytes of memory
4/0 BGP path/bestpath attribute entries using 544 bytes of memory
4 BGP AS-PATH entries using 96 bytes of memory
2 BGP extended community entries using 64 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 7040 total bytes of memory
BGP activity 110/66 prefixes, 163/119 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.10.0.1 4 10 13 27 105 0 0 00:00:13 11
10.10.0.3 4 10 14 20 105 0 0 00:00:08 13

§  Logs
RR4# sh bgp ipv6 uni
...
* i 2001:DB8:20::7/128 ::FFFF:10.10.0.3 0 100 0 20 i
* i 2001:DB8:20::8/128 ::FFFF:10.10.0.3 0 100 0 20 i
* i 2001:DB8:20:37::/64 ::FFFF:10.10.0.3 0 100 0 i
* i 2001:DB8:CAFE::20/128 ::FFFF:10.10.0.1 0 100 0 200 i
* i 2001:DB8:CAFE:10::/64 ::FFFF:10.10.0.1 0 100 0 200 i
* i 2001:DB8:CAFE:1000::/52 ::FFFF:10.10.0.1 0 100 0 200 i
* i 2001:DB8:CAFE:2000::/52 ::FFFF:10.10.0.1 0 100 0 200 i
* i 2001:DB8:CAFE:3000::/52 ::FFFF:10.10.0.1 0 100 0 200 i
* i 2001:DB8:CAFE:4000::/52 ::FFFF:10.10.0.1 0 100 0 200 i
* i 2001:DB8:CAFE:5000::/52 ::FFFF:10.10.0.1 0 100 0 200 i
* i 2001:DB8:CAFE:6000::/52 ::FFFF:10.10.0.1 0 100 0 200 I
* i 2001:DB8:CAFE:7000::/52 ::FFFF:10.10.0.1 0 100 0 200 i
* i 2001:DB8:CAFE:8000::/52 ::FFFF:10.10.0.1 0 100 0 200 i
* i 2001:DB8:CAFE:9000::/52 ::FFFF:10.10.0.1 0 100 0 200 i
* i 2001:DB8:CC1E::30/128 ::FFFF:10.10.0.3 0 100 0 20 300 i
* i 2001:DB8:CC1E:1000::/52 ::FFFF:10.10.0.3 0 100 0 20 300 i
* i 2001:DB8:CC1E:2000::/52 ::FFFF:10.10.0.3 0 100 0 20 300 i
* i 2001:DB8:CC1E:3000::/52 ::FFFF:10.10.0.3 0 100 0 20 300 i
...

§  Logs
PE1# sh bgp ipv6 uni sum
...
1 BGP rrinfo entries using 24 bytes of memory
2 BGP extended community entries using 64 bytes of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/
PfxRcd
10.10.0.4 4 10 43 29 94 0 0 00:15:15 0
2001:DB8:CAFE:10::20
4 200 41 44 94 0 0 00:33:10 11

§  Logs
PE1# sh bgp ipv6 uni
...
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
*> 2001:DB8:CAFE::20/128 2001:DB8:CAFE:10::20 0 0 200 i
r> 2001:DB8:CAFE:10::/64 2001:DB8:CAFE:10::20 0 0 200 i
*> 2001:DB8:CAFE:1000::/52 2001:DB8:CAFE:10::20 0 0 200 i
*> 2001:DB8:CAFE:2000::/52 2001:DB8:CAFE:10::20 0 0 200 i
*> 2001:DB8:CAFE:3000::/52 2001:DB8:CAFE:10::20 0 0 200 i
*> 2001:DB8:CAFE:4000::/52 2001:DB8:CAFE:10::20 0 0 200 i
...

§  Logs
ASBR3# sh bgp ipv6 uni sum
...
BGP table version is 188, main routing table version 188
1 BGP rrinfo entries using 24 bytes of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/
PfxRcd
10.10.0.4 4 10 38 34 188 0 0 00:16:32 0
2001:DB8:20:37::7
4 20 48 42 188 0 0 00:34:36 12

§  Logs
ASBR3# sh bgp ipv6 uni
...
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
*> 2001:DB8:20::7/128 2001:DB8:20:37::7 0 0 20 i
*> 2001:DB8:20::8/128 2001:DB8:20:37::7 0 20 i
*> 2001:DB8:20:37::/64 :: 0 32768 i
*> 2001:DB8:CC1E::30/128 2001:DB8:20:37::7 0 20 300 I
*> 2001:DB8:CC1E:1000::/52 2001:DB8:20:37::7 0 20 300 i
*> 2001:DB8:CC1E:2000::/52 2001:DB8:20:37::7 0 20 300 i
*> 2001:DB8:CC1E:3000::/52 2001:DB8:20:37::7 0 20 300 i
*> 2001:DB8:CC1E:4000::/52 2001:DB8:20:37::7 0 20 300 i
*> 2001:DB8:CC1E:5000::/52 2001:DB8:20:37::7 0 20 300 i
...

§  Logs
RR4# sh bgp ipv6 uni 2001:DB8:CC1E:1000::/52
BGP routing table entry for 2001:DB8:CC1E:1000::/52, version 0
BGP Bestpath: deterministic-med
Paths: (1 available, no best path)
Refresh Epoch 1
20 300, (Received from a RR-client)
::FFFF:10.10.0.3 (inaccessible) from 10.10.0.3 (10.10.0.3)
Origin IGP, metric 0, localpref 100, valid, internal
rx pathid: 0, tx pathid: 0

§  Logs
RR4# sh bgp ipv6 uni 2001:DB8:CC1E:1000::/52
Paths: (1 available, no best path)
Refresh Epoch 1
20 300, (Received from a RR-client)
::FFFF:10.10.0.3 (inaccessible) from 10.10.0.3 (10.10.0.3)
Origin IGP, metric 0, localpref 100, valid, internal
rx pathid: 0, tx pathid: 0
ASBR3# sh bgp ipv6 uni 2001:DB8:CC1E:1000::/52
Paths: (1 available, best #1, table default)
Advertised to update-groups:
7
Refresh Epoch 1
20 300
2001:DB8:20:37::7 (FE80::A8BB:CCFF:FE00:610) from 2001:DB8:20:37::7
(20.20.0.7)
Origin IGP, localpref 100, valid, external, best
rx pathid: 0, tx pathid: 0x0

§  Logs
R20# ping 2001:db8:cafe:10::1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:CAFE:10::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R20# ping 2001:DB8:20:37::3
Sending 5, 100-byte ICMP Echos to 2001:DB8:20:37::3, timeout is 2 seconds:
% No valid route for destination
Success rate is 0 percent (0/1)
R20# ping 10.10.0.3 source loop 0
Sending 5, 100-byte ICMP Echos to 10.10.0.3, timeout is 2 seconds:
Packet sent with a source address of 200.0.0.20
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

§  Configuration
Diagnostic Module – Configuration
PE1# sh run
...
router bgp 10
neighbor 10.10.0.4 remote 10
neighbor 10.10.0.4 update-sou lo 0
neigh 2001:DB8:CAFE:10::20 remote 200
!
address-family ipv6
neigh 10.10.0.4 activate
neigh 10.10.0.4 next-hop-self
neigh 2001:DB8:CAFE:10::20 activate
RR4# sh run
...
router bgp 10
address-family ipv6
neighbor 10.10.0.1 activate
neighbor 10.10.0.1 route-reflector-client
neighbor 10.10.0.3 activate
neighbor 10.10.0.3 route-reflector-client
ASBR3# sh run
...
router bgp 10
neighbor 10.10.0.4 remote 10
neighbor 10.10.0.4 update-source lo 0
neighbor 2001:DB8:20:37::70 remote-as 300
!
address-family ipv6 unicast
neigh 10.10.0.4 activate
neigh 10.10.0.4 next-hop-self
neighbor 2001:DB8:20:37::7 activate

Diagnostic Module
P2 ASBR3xPE1
RR4
AS 10
R20
IPv4 onlyIPv4 and IPv6 IPv4 and IPv6
10.10.0.0/16
2001.DB8.CAFE:10::/64
::20
::11
131::1
.21.1
.21.2 .23.2
.23.3
.24.2
.24.4
37::3
Area 0Area 10
20.1
AS 200
ASBR7
37::7
20.20.0.0/16
2001:DB8:20::/48
30.30.0.0/20
2001:DB8:30::/48
§  Which router would you check first in order to identify the root cause of
the issue?

P2 ASBR3xPE1
RR4
AS 10
R20
IPv4 onlyPv4 and IPv6 IPv4 and IPv6
10.10.0.0/16
2001.DB8.CAFE:10::/64
::20
::11
131::1
.21.1
.21.2 .23.2
.23.3
.24.2
.24.4
37::3
Area 0Area 10
20.1
AS 200
ASBR7
37::7
20.20.0.0/16
2001:DB8:20::/48
30.30.0.0/20
001:DB8:30::/48
§  Which show command would you apply on this device to help identifying
the root cause?
Diagnostic Module
Select one of the show commands
sh bgp ipv4 uni sum
sh bgp ipv4 uni label
sh bgp ipv4 uni neigh 10.10.0.4
sh bgp ipv6 uni neigh 2001:DB8:CAFE:10::20
sh bgp ipv6 uni neigh 2001:DB8:37::7
sh bgp ipv6 uni community

P2 ASBR3xPE1
RR4
AS 10
R20
IPv4 onlyPv4 and IPv6 IPv4 and IPv6
10.10.0.0/16
2001.DB8.CAFE:10::/64
::20
::11
131::1
.21.1
.21.2 .23.2
.23.3
.24.2
.24.4
37::3
Area 0Area 10
20.1
AS 200
ASBR7
37::7
20.20.0.0/16
2001:DB8:20::/48
30.30.0.0/20
001:DB8:30::/48
§  Which show command would you apply on this device to help identifying
the root cause?
Diagnostic Module

Preparation Materials, Tips, and
Tricks

CCIE Exam Preparation
-  Read
-  Understand
-  Remember
-  Basic Scenario
-  Increase
Difficulty
-  Explore
-  Observe
-  Invent
-  Verify
-  Anticipate
-  Validate

§  Prepare for the exam!
§  Plan your study
§  Do self assessment, “know what I don’t know”
§  Dedicate time per day
§  Always ask “What if”
§  Practice, practice, and practice
§  Learn how to browse on Cisco Documentation (sort, don’t search)
§  Choose materials from trustworthy source
§  Practice for speed and troubleshooting
Before the Exam
Build a study plan that works for you

§  Practice lab exercises with high level of complexity
§  Track your improvements
§  Identify areas requiring extra study
§  Adjust your study plan according to your findings
§  Technical skill is not the only thing you need to work on
§  Time management and exam-taking strategy is also important
§  Know how to navigate on Cisco documentation without using the search function
Practice Labs – Guidelines
Newton’s first law:
An object that is at rest will stay at rest unless an external force
acts upon it!

§  Arrive in the country, if you have to travel
§  Check Visa requirement in advance
§  Survey the lab location
§  Plan the trip to the lab location
§  Train timetable
§  Book a taxi
§  Etc
Day Before the Lab Exam

§  Have a good dinner
§  Have a good sleep
§  Do whatever you enjoy
§  To have a fit body, and
§  A mental condition for the BIG DAY
Lab Exam: Tips & Tricks

§  Reduce stress, arrive early, and prepare IDs!
§  Listen to the proctor’s guidelines
§  Re-draw the topology: physical, addressing, IGP and BGP topology per address-
family
§  Manage your time! Stick to your strategy!
§  Read the whole module, don’t forget the guidelines!
§  Don’t get stuck at the beginning, build your confidence!
§  Read, read and read the questions before asking for clarification to the proctor
§  Avoid last minute change!
§  Plan for “regression tests” and overall validations at the end of each module!
During the Exam

§  Proctor’s role is to keep exam fair
§  Talk to proctor if you don’t understand the question
§  Report any equipment or technical problems to the proctor as soon as it
occurs
Lab Exam Proctors

§  If you pass
§  If you fail
§  Release the anger! Do whatever you have to do
§  Try to switch from “Denial” to “Curious” quickly
§  Start looking for your mistakes
§  Repeat the scenarios in your own lab you have practice
§  Back to lab practice focusing on the failed scenarios
§  Book the next lab exam
After the Lab Exam
If you are 100% sure the CCIE Program team is wrong ask for review

§  Cisco Learning Network (CLN)
§  Cisco Expert-level Training Program for CCIE SP
§  New Cisco Press titles
§  Cisco.com Products, Technology documentation, configuration guide
§  Cisco.com Whitepapers, Design Zone, etc
§  Cisco Forums
§  Cisco Tools
§  External Resources
Preparation Materials

§  https://learningnetwork.cisco.com/docs/DOC-10002
§  https://learningnetwork.cisco.com/groups/ccie-sp-study-group
§  https://supportforums.cisco.com
§  www.cisco.com/go/documentation
•  www.cisco.com/go/tools
•  http://docwiki.cisco.com
On-line Resources, Training, …

§  Demos in the Cisco Campus
§  Walk-in Self-Paced Labs (WISP Labs)
§  Table Topics
§  Meet the Engineer 1:1 meetings
Continue Your Education

§  Do you consider yourself a Subject Matter Expert?
§  Would like to lend your expertise to the Cisco Certification Exam?
http://www.cisco.com/go/certsme
Become a Cisco Subject Matter Expert
Apply
Now!

§  Cisco dCloud is a self-service platform that can be accessed via a browser, a high-speed
Internet connection, and a cisco.com account
§  Customers will have direct access to a subset of dCloud demos and labs
§  Restricted content must be brokered by an authorized user (Cisco or Partner) and then shared
with the customers (cisco.com user).
§  Go to dcloud.cisco.com, select the location closest to you, and log in with your cisco.com
credentials
§  Review the getting started videos and try Cisco dCloud today: https://dcloud-cms.cisco.com/help
dCloud
Customers now get full dCloud experience!

CCIE Service Provider Techtorial

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (20)

Similar to CCIE Service Provider Techtorial

Similar to CCIE Service Provider Techtorial (20)

More from Cisco Canada

More from Cisco Canada (20)

Recently uploaded

Recently uploaded (20)

CCIE Service Provider Techtorial